Pages

Blog is moving

My blog is moving to http://victormendonca.com/blog/. If you are looking for a specific or older post you are in the right place Otherwise check out my new page for more up to date content.

Monday, July 29, 2013

How To Configure OpenVPN between DD-WRT, Ubuntu and Android

This guide you walk you trough setting up OpenVPN between you DD-WRT router, a laptop and a rooted Android phone so you can connect to home resources, or browse safer while on open networks, like an internet cafe.

Setting up OpenVPN is not that hard, however you may run into issues, so be patient. You will need a CA server to sign the certificates. But don't worry, any Linux machine can do that. However I would advise against doing it on the laptop that you will be using to connect remotelly in case it gets stolen or hacked.

I'm going to start with the CA server, which for me is really just a desktop at home with Ubuntu 12.04.

=> Generating the keys

1- Install OpenVPN and the OpenVPN ui for network manager

$ sudo apt-get install openvpn network-manager-openvpn

2- Copy the easy-rsa directory to /etc/ so it doesn't get overwritten on system updates

3- Connect to your android and transfer the ca.crt, client.crt and client.key

4- Open OpenVPN for Android and click on the plus sign

5- Enter a name

6- Click on Basic

7- Enter server address; change Type to "Certificates"; select the 3x files that we have uploaded; click back twice

8- You should now be able to establish a VPN connection from your phone.

=> Troubleshooting

Ubuntu Logs
You can monitor /var/log/syslog for messages while attempting to open a connection

Timezone
Check that date and time on router is the same as the computer where you created the keys. For me adding a NTP server on the router and changing it's timezone to UTC with no savings fixed my issues.

11 comments:

Before I found your blog I already had OpenVPN working on my DD-WRT router with OpenVPN clients connecting. I found your blog when I wanted to get my Android phone connecting. After following the instructions to configure an Android device I am unable to connect to the OpenVPN server. Is this because I created the client certificate files on a Windows 7 computer?

my dev setting: dev tap0but I have other problems now, I have completely messed up my server and clients and can no longer connect with anything. To create my certificates I followed instructions from here http://www.howtogeek.com/64433/ and for my server and clients config files I followed these instructions http://beboblog.johnbebo.com/2012/11/10/openvpn-server-on-dd-wrt-router.aspx but only used 2 of the sections Configuring the DD-WRT Router and OpenVPN Windows Client also added these 2 lines to my client configs:route-gateway 192.168.1.1redirect-gateway

I would first try to get your connection to work again with the clients. Try to revert any changes you made the past few days.

When that's done you will need to change your dev configuration from "tap0" to "tun0" as OpenVPN on Android doesn't support tap (I think Android itself doesn't support tap interface). Test your Android and if it works then change your other clients to use tun0 as well (not sure if they get that configuration from the server).